Privacy Policy
Version
1.0
09.19.23
Allthenticate is committed to protecting your privacy and providing you with a positive experience on our websites, while using our products and services ("Solutions"), and your personal or company-owned smartphone ("Device").
This Privacy Statement applies to Allthenticate websites and Solutions that link to or reference this Privacy Statement and describes how we handle personal information.
Types of data we collect
User Information
We collect the user's name, username, email address, and photo (optional) for use in their Allthenticate profile, which is provided by the user through the Allthenticator application.
Device Information
We store a public key that is linked to each Device and generated randomly during the setup process of the Allthenticator application and a Device universally unique identifier (UUID) for identification purposes by Allthenticate door readers and software.
Device Usage
We collect usage statistics of based on application usage on the Device, interactions between the Device and other Allthenticate resources (e.g., door readers, computer logins, and Allthenticate-enabled websites) to provide logging services to our customers and to improve the user experience.
Device logs
Logs obtained from a Device or Services include, but are not limited to, the type of access that was requested and timing information pertaining to the request and the response (e.g., a request to open the door that required no user interaction or a request to authorize the 'sudo' command that required user intent).
Location Data
Allthenticate does not gather user location data or track the user's location from the Allthenticator application. Background location is used in the Allthenticator application to launch in the background and connect to other Allthenticate resources (e.g., door readers and computers) when in their vicinity.
Financial
Administrators provide their company payment method and billing address if electronic payment is the desired method of payment for the company.
When and how we collect data
User Provided Information
Users provide Allthenticate with their name, username, and email addresses associated with their organizations that are using Allthenticate services. Additionally, billing information, such as credit card number or billing address, will be provided by administrators.
Employer Provided Information
Customers may choose to import existing employee data into our system, which may include employee names, pictures, email addresses, department, and specific group information.
Automatically Collected Information
The Device and Service information, Device and Service usage, and Device and Service logs are automatically collected when using the Device and Service and will be periodically uploaded to Allthenticate.
How and why we use your information
Services Operations
We need to use the user's username, public key, and email to uniquely identify them and provide them access to our Services. Your public key is used to verify the user's identity for secure interactions. The username and email are used for registration and interactions with Allthenticate Services.
Direct Contact
We may use provided email addresses to provide users with information regarding the Allthenticate service or any upcoming changes that may affect Allthenticate’s Services operations. We will not send emails about anything that does affect the Services or the user's Device directly.
Product Improvement
We use the logs of how Allthenticate enabled devices interact to make a more seamless service. Your personal information is not tied to any of these logs.
Who we share your data with and why
Your Employers
Allthenticate will share information relevant to user activity within their employer's organization with the administrator of said organization. Allthenticate will never share information that is not directly related to said organization in question (e.g., if the user is a part of multiple organizations that use Allthenticate).
Payment Processors
Allthenticate may share credit card and billing information provided by administrators with payment processors if that is the payment method used to pay for the provided Services.
Updates to this Policy
Any extensive updates to this policy will be summarized in an email that will be sent to the provided email addresses.
Security Policy
As a cybersecurity company ourselves, Allthenticate is well aware of what
can go wrong with respect to user data and Services being compromised.
Thus, we employ all of the security best practices, which are highlighted
below.
Smart Door Readers
Our smart door readers have no open ports or services, aside from SSH,
which is only accessible by Allthenticate’s support team using SSL
certificates (our passwords are in the past). They only communicate with
our management server located at backend.allthenticate.net
Cloud-based Services
All of our cloud-based services (e.g., Administration portal, logging
infrastructure, and management infrastructure) are currently hosted on
Amazon’s EC2 cloud, with strict firewall rules and security
policies.
The Allthenticator App
Our smartphone app, the Allthenticator, uses all of the recommended
security practices by both Google and Apple to store user data and
cryptographic information securely.
Allthenticate is committed to protecting your privacy and providing you with a positive experience on our websites, while using our products and services ("Solutions"), and your personal or company-owned smartphone ("Device").
This Privacy Statement applies to Allthenticate websites and Solutions that link to or reference this Privacy Statement and describes how we handle personal information.
Types of data we collect
User Information
We collect the user's name, username, email address, and photo (optional) for use in their Allthenticate profile, which is provided by the user through the Allthenticator application.
Device Information
We store a public key that is linked to each Device and generated randomly during the setup process of the Allthenticator application and a Device universally unique identifier (UUID) for identification purposes by Allthenticate door readers and software.
Device Usage
We collect usage statistics of based on application usage on the Device, interactions between the Device and other Allthenticate resources (e.g., door readers, computer logins, and Allthenticate-enabled websites) to provide logging services to our customers and to improve the user experience.
Device logs
Logs obtained from a Device or Services include, but are not limited to, the type of access that was requested and timing information pertaining to the request and the response (e.g., a request to open the door that required no user interaction or a request to authorize the 'sudo' command that required user intent).
Location Data
Allthenticate does not gather user location data or track the user's location from the Allthenticator application. Background location is used in the Allthenticator application to launch in the background and connect to other Allthenticate resources (e.g., door readers and computers) when in their vicinity.
Financial
Administrators provide their company payment method and billing address if electronic payment is the desired method of payment for the company.
When and how we collect data
User Provided Information
Users provide Allthenticate with their name, username, and email addresses associated with their organizations that are using Allthenticate services. Additionally, billing information, such as credit card number or billing address, will be provided by administrators.
Employer Provided Information
Customers may choose to import existing employee data into our system, which may include employee names, pictures, email addresses, department, and specific group information.
Automatically Collected Information
The Device and Service information, Device and Service usage, and Device and Service logs are automatically collected when using the Device and Service and will be periodically uploaded to Allthenticate.
How and why we use your information
Services Operations
We need to use the user's username, public key, and email to uniquely identify them and provide them access to our Services. Your public key is used to verify the user's identity for secure interactions. The username and email are used for registration and interactions with Allthenticate Services.
Direct Contact
We may use provided email addresses to provide users with information regarding the Allthenticate service or any upcoming changes that may affect Allthenticate’s Services operations. We will not send emails about anything that does affect the Services or the user's Device directly.
Product Improvement
We use the logs of how Allthenticate enabled devices interact to make a more seamless service. Your personal information is not tied to any of these logs.
Who we share your data with and why
Your Employers
Allthenticate will share information relevant to user activity within their employer's organization with the administrator of said organization. Allthenticate will never share information that is not directly related to said organization in question (e.g., if the user is a part of multiple organizations that use Allthenticate).
Payment Processors
Allthenticate may share credit card and billing information provided by administrators with payment processors if that is the payment method used to pay for the provided Services.
Updates to this Policy
Any extensive updates to this policy will be summarized in an email that will be sent to the provided email addresses.
Security Policy
As a cybersecurity company ourselves, Allthenticate is well aware of what
can go wrong with respect to user data and Services being compromised.
Thus, we employ all of the security best practices, which are highlighted
below.
Smart Door Readers
Our smart door readers have no open ports or services, aside from SSH,
which is only accessible by Allthenticate’s support team using SSL
certificates (our passwords are in the past). They only communicate with
our management server located at backend.allthenticate.net
Cloud-based Services
All of our cloud-based services (e.g., Administration portal, logging
infrastructure, and management infrastructure) are currently hosted on
Amazon’s EC2 cloud, with strict firewall rules and security
policies.
The Allthenticator App
Our smartphone app, the Allthenticator, uses all of the recommended
security practices by both Google and Apple to store user data and
cryptographic information securely.